以GoogleOpenID 为例,试验了OAuth单点登录的用法:

 <dependency>

     <groupId>org.openid4java</groupId>

     <artifactId>openid4java</artifactId>

     <version>0.9.8</version>

 </dependency>
 import java.util.List;

 import javax.servlet.http.HttpServletRequest;

 import javax.servlet.http.HttpServletResponse;

 import org.openid4java.OpenIDException;

 import org.openid4java.consumer.ConsumerManager;

 import org.openid4java.consumer.VerificationResult;

 import org.openid4java.discovery.DiscoveryInformation;

 import org.openid4java.discovery.Identifier;

 import org.openid4java.message.AuthRequest;

 import org.openid4java.message.AuthSuccess;

 import org.openid4java.message.ParameterList;

 import org.openid4java.message.ax.AxMessage;

 import org.openid4java.message.ax.FetchRequest;

 import org.openid4java.message.ax.FetchResponse;

 import org.slf4j.Logger;

 import org.slf4j.LoggerFactory;

 import org.springframework.stereotype.Controller;

 import org.springframework.web.bind.annotation.RequestMapping;

 import org.springframework.web.util.UriComponentsBuilder;

 import com.google.common.base.Throwables;

 @Controller

 @RequestMapping("/openid")

 @SuppressWarnings("rawtypes")

 public class SecurityOpenIDController {

     public static final String GOOGLE_ENDPOINT = "https://www.google.com/accounts/o8/id";

     private static final Logger LOGGER = LoggerFactory.getLogger(SecurityOpenIDController.class);

     public final ConsumerManager manager = new ConsumerManager();

     @RequestMapping("/login")

     public void login(

             UriComponentsBuilder builder,

             HttpServletRequest request,

             HttpServletResponse response

         ) throws Exception

     {

         // configure the return_to URL where your application will receive

         // the authentication responses from the OpenID provider

         String returnUrl = builder.path("/openid/return").build().toUriString();

         // --- Forward proxy setup (only if needed) ---

         // ProxyProperties proxyProps = new ProxyProperties();

         // proxyProps.setProxyName("proxy.example.com");

         // proxyProps.setProxyPort(8080);

         // HttpClientFactory.setProxyProperties(proxyProps);

         // perform discovery on the user-supplied identifier

         List discoveries = manager.discover(GOOGLE_ENDPOINT);

         // attempt to associate with the OpenID provider

         // and retrieve one service endpoint for authentication

         DiscoveryInformation discovered = manager.associate(discoveries);

         // store the discovery information in the user's session

         request.getSession().setAttribute("openid-disc", discovered);

         // obtain a AuthRequest message to be sent to the OpenID provider

         AuthRequest authReq = manager.authenticate(discovered, returnUrl);

         // attribute Exchange

         FetchRequest fetch = FetchRequest.createFetchRequest();

         fetch.addAttribute("email", "http://axschema.org/contact/email", true);

         fetch.addAttribute("firstName", "http://axschema.org/namePerson/first", true);

         fetch.addAttribute("lastName", "http://axschema.org/namePerson/last", true);

         // attach the extension to the authentication request

         authReq.addExtension(fetch);

         if (!discovered.isVersion2()) {

             // Option 1: GET HTTP-redirect to the OpenID Provider endpoint

             // The only method supported in OpenID 1.x

             // redirect-URL usually limited ~2048 bytes

             response.sendRedirect(authReq.getDestinationUrl(true));

         } else {

             // Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)

             response.sendRedirect(authReq.getDestinationUrl(true));

         }

     }

     @RequestMapping("/return")

     public void verifyResponse(HttpServletRequest request) {

         String email = null;

         String lastName = null;

         String firstName = null;

         try {

             // extract the parameters from the authentication response

             // (which comes in as a HTTP request from the OpenID provider)

             ParameterList response = new ParameterList(request.getParameterMap());

             // retrieve the previously stored discovery information

             DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute("openid-disc");

             // extract the receiving URL from the HTTP request

             StringBuffer receivingURL = request.getRequestURL();

             String queryString = request.getQueryString();

             if (queryString != null && queryString.length() > 0) {

                 receivingURL.append("?").append(request.getQueryString());

             }

             // verify the response; ConsumerManager needs to be the same

             // (static) instance used to place the authentication request

             VerificationResult verification = manager.verify(receivingURL.toString(), response, discovered);

             // examine the verification result and extract the verified

             // identifier

             Identifier verified = verification.getVerifiedId();

             if (verified != null) {

                 AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

                 if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {

                     FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);

                     List emails = fetchResp.getAttributeValues("email");

                     email = (String) emails.get(0);

                     List lastNames = fetchResp.getAttributeValues("lastName");

                     lastName = (String) lastNames.get(0);

                     List firstNames = fetchResp.getAttributeValues("firstName");

                     firstName = (String) firstNames.get(0);

                     LOGGER.debug("email: {}", email);

                     LOGGER.debug("lastName: {}", lastName);

                     LOGGER.debug("firstName: {}", firstName);

                 }

                 // success

                 // 在这里与安全框架集成 apache-shiro/spring-security

                 // 这里要根据相关的信息自己定义Principal

             }

         } catch (OpenIDException e) {

             LOGGER.error(e.getMessage(), e);

             Throwables.propagate(e);

         }

     }

 }

spring-mvc 与 openid4java的更多相关文章

  1. 如何用Java类配置Spring MVC(不通过web.xml和XML方式)

    DispatcherServlet是Spring MVC的核心,按照传统方式, 需要把它配置到web.xml中. 我个人比较不喜欢XML配置方式, XML看起来太累, 冗长繁琐. 还好借助于Servl ...

  2. Spring MVC重定向和转发以及异常处理

    SpringMVC核心技术---转发和重定向 当处理器对请求处理完毕后,向其他资源进行跳转时,有两种跳转方式:请求转发与重定向.而根据要跳转的资源类型,又可分为两类:跳转到页面与跳转到其他处理器.对于 ...

  3. Spring MVC入门

    1.什么是SpringMvc Spring MVC属于SpringFrameWork的后续产品,已经融合在Spring Web Flow里面.Spring 框架提供了构建 Web 应用程序的全功能 M ...

  4. Spring7:基于注解的Spring MVC(下篇)

    Model 上一篇文章<Spring6:基于注解的Spring MVC(上篇)>,讲了Spring MVC环境搭建.@RequestMapping以及参数绑定,这是Spring MVC中最 ...

  5. Spring6:基于注解的Spring MVC(上篇)

    什么是Spring MVC Spring MVC框架是一个MVC框架,通过实现Model-View-Controller模式来很好地将数据.业务与展现进行分离.从这样一个角度来说,Spring MVC ...

  6. 高性能的关键:Spring MVC的异步模式

    我承认有些标题党了,不过话说这样其实也没错,关于“异步”处理的文章已经不少,代码例子也能找到很多,但我还是打算发表这篇我写了好长一段时间,却一直没发表的文章,以一个更简单的视角,把异步模式讲清楚. 什 ...

  7. Java Spring mvc 操作 Redis 及 Redis 集群

    本文原创,转载请注明:http://www.cnblogs.com/fengzheng/p/5941953.html 关于 Redis 集群搭建可以参考我的另一篇文章 Redis集群搭建与简单使用 R ...

  8. 深入分析Spring 与 Spring MVC容器

    1 Spring MVC WEB配置 Spring Framework本身没有Web功能,Spring MVC使用WebApplicationContext类扩展ApplicationContext, ...

  9. spring mvc DispatcherServlet详解之前传---FrameworkServlet

    做项目时碰到Controller不能使用aop进行拦截,从网上搜索得知:使用spring mvc 启动了两个context:applicationContext 和WebapplicationCont ...

  10. 我是如何进行Spring MVC文档翻译项目的环境搭建、项目管理及自动化构建工作的

    感兴趣的同学可以关注这个翻译项目 . 我的博客原文 和 我的Github 前段时间翻译的Spring MVC官方文档完成了第一稿,相关的文章和仓库可以点击以下链接.这篇文章,主要是总结一下这个翻译项目 ...

随机推荐

  1. C#中容易被忽视的细节整理

    (有空更新系列) 1.params可变长度参数,默认值是长度为0的数组,而不是空 2.事件和委托默认值都是null 3.bool返回值的事件调用之后,其内部的合并方式是取最后一个合并对象的返回值

  2. python中字符串\r的奇怪问题

    示例: 我这里有一字符串: u'北京市工商行政管理局大兴分局\r <a onclick="showJDS(\'fa641bb3be5b44a1b618433833982fee\',\' ...

  3. XML 增删改查

    <?php $xmlpatch = 'index.xml'; $_id = '; $_title = 'title1'; $_content = 'content1'; $_author = ' ...

  4. linux ssh 使用深度解析(key登录详解)

    SSH全称Secure SHell,顾名思义就是非常安全的shell的意思,SSH协议是IETF(Internet Engineering Task Force)的Network Working Gr ...

  5. UIView如何管理它的子视图

    UIView提供了很多建立和管理视图的方法. 1.添加视图 insertSubview:atIndex:   //放在子视图数组的具体索引位置 insertSubview:aboveSubview:  ...

  6. SqlSever基础 len函数 返回一个字符串的长度

    镇场诗:---大梦谁觉,水月中建博客.百千磨难,才知世事无常.---今持佛语,技术无量愿学.愿尽所学,铸一良心博客.------------------------------------------ ...

  7. 看看,这就是微软的“万物互联”系统 window10 IOT

    今天在深圳 WinHEC2015 大会上,微软正式发布了其基于 Windows 10 开发的,专门用于一系列物联网设备的操作系统:Windows 10 IoT for Smart Devices(是的 ...

  8. JS中 window.location 与window.location.href的区别

    疑惑:window.location='url'  与window.lcoation.href='url'效果一样,都会跳转到新页面,区别在哪?查得的资料如下: 1:window.location是页 ...

  9. How do I reset Windows Update components?

    https://support.microsoft.com/en-us/kb/971058 Download and run the Windows Update Troubleshooter for ...

  10. Java Web表达式注入

    原文:http://netsecurity.51cto.com/art/201407/444548.htm 0×00 引言 在2014年6月18日@终极修炼师曾发布这样一条微博: 链接的内容是一个名为 ...